Bug 66107

Summary: JSC verbose debugging output sometimes doesn't work as expected.
Product: WebKit Reporter: Filip Pizlo <fpizlo>
Component: JavaScriptCoreAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: webkit.review.bot
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: All   
OS: All   
Attachments:
Description Flags
the patch none

Filip Pizlo
Reported 2011-08-11 15:38:14 PDT
There are a few holes in our verbose debugging output: CodeBlock::dump(): - Will crash when printing JSCell constants, if converting them to string requires calling into JS code. - Will crash on op_new_regexp because of an out-of-bounds. DFG verbose mode: - Reports only the bottom address of generated code, and not the top, making it somewhat harder to mentally map executing code to the debug dumps.
Attachments
the patch (4.03 KB, patch)
2011-08-11 15:40 PDT, Filip Pizlo 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Filip Pizlo
Comment 1 2011-08-11 15:40:12 PDT
Created attachment 103688 [details] the patch
Filip Pizlo
Comment 2 2011-08-11 15:58:49 PDT
Comment on attachment 103688 [details] the patch tests pass.
Gavin Barraclough
Comment 3 2011-08-17 12:56:22 PDT
Comment on attachment 103688 [details] the patch View in context: https://bugs.webkit.org/attachment.cgi?id=103688&action=review > Source/JavaScriptCore/bytecode/CodeBlock.cpp:549 > + printf("bad_regexp(%d)\n", re0); There is something a little odd about making our dumping robust against bad regexp numbers here, since I don't think we're robust against other forms of bad bytecode in dumping. Still, this is debug code, if this is helpful, sure! why not!
WebKit Review Bot
Comment 4 2011-08-17 13:54:46 PDT
Comment on attachment 103688 [details] the patch Clearing flags on attachment: 103688 Committed r93238: <http://trac.webkit.org/changeset/93238>
WebKit Review Bot
Comment 5 2011-08-17 13:54:50 PDT
All reviewed patches have been landed. Closing bug.
Darin Adler
Comment 6 2014-04-24 16:45:23 PDT
Moving all JavaScriptGlue bugs to JavaScriptCore. The JavaScriptGlue framework itself is long gone. And most of the more recent bugs put in this component were put there by people who thought this was for some other aspect of “JavaScript glue” and have nothing to do with the actual original reason for the existence of this component, which was an OS-X-only framework named JavaScriptGlue.
Note You need to log in before you can comment on or make changes to this bug.